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WHAT IS CLAIMED IS: 

1 . A system comprising: 

a processor capable of running virtual machines, the processor having at least two 
modes of operation, wherein a first processor mode is to run a virtual machine; 

memory operatively coupled to the processor, the memory storing a virtual 
management control structure (VMCS) to define authorized access to system resources; 

a monitor to run in a second processor mode; and 

means for automatically switching from the first processor mode to the second 
processor mode based on an attempted access of system resources defined in the VMCS. 

2. The system as recited in claim 1, wherein the first processor mode is 
Virtual Machine Extension (VMX) mode. 

3. The system as recited in claim 1, wherein the monitor is a runtime services 
monitor (RSM) to execute a runtime service on behalf of a virtual machine, the virtual 
machine to run in the first processor mode, wherein the RSM is to place results of the 
runtime service execution in a shared memory location accessible by the virtual machine. 

4. The system as recited in claim 1, wherein the processor is to run more than 
one virtual machine. 

5. The system as recited in claim 4, wherein the processor is capable of 
running a first virtual machine simultaneously with a second virtual machine where the 
virtual machines use different operating systems. 
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6. The system as recited in claim 1, wherein the monitor is to access at least 
one of data and instructions to be protected from the virtual machine. 

7. A system for protecting system resources, comprising: 

a processor having at least two modes of operation, wherein a first processor 
mode is to run a virtual machine and a second processor mode is to run a monitor; 

a monitor to run in the second processor mode, wherein the monitor is to access 
system resources not deemed accessible by the virtual machine; and 

at least one system resource, wherein an attempt to access at least one system 
resource by a "virtual machine automatically switches the processor mode of operation 
from the first processor mode to the second processor mode and switches execution 
control to the monitor. 

8. The system as recited in claim 7, wherein the at least one system resource 
corresponds to a runtime service, wherein the runtime service comprises at least one item 
selected from the group consisting of code and data. 

9. The system as recited in claim 8, wherein the system resource comprises 
an address of a function pointer, wherein the function pointer points to the corresponding 
runtime service. 

10. A method for protecting runtime services, comprising: 
attempting access to a system resource by an operating system, wherein the 

operating system runs in virtual machine execution mode on a processor; 

automatically switching the processor mode to monitor mode from virtual 
machine execution mode, in response to the attempted access; 
accessing the system resource by the monitor; and 
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switching the processor mode back to virtual machine execution mode from 
monitor mode. 

1 1 . The method as recited in claim 10, wherein the system resource 
corresponds to a runtime service, and wherein the runtime service comprises at least one 
item selected from the group consisting of code and data. 

12. The method as recited in claim 11, wherein the system resource comprises 
an address of a function pointer, wherein the function pointer points to the corresponding 
runtime service. 

13. The method as recited in claim 11, further comprising: 
executing the runtime service by the monitor; and 

storing results of the runtime service in a shared storage location accessible by the 
operating system. 

14. The method as recited in claim 11, wherein the operating system executes 
in a virtual machine. 

15. The method as recited in claim 14, wherein more than one virtual machine 
is executing simultaneously on the processor. 

16. The method as recited in claim 15, wherein the monitor is a virtual 
machine monitor having a runtime services monitor component. 

17. A machine accessible medium having instructions that when executed 
result in the performance of the following: 

attempting access to a system resource by an operating system, wherein the 
operating system runs in virtual machine execution mode on a processor; 
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automatically switching the processor mode to monitor mode from virtual 
machine execution mode, in response to the attempted access; 
accessing the system resource by the monitor; and 

switching the processor mode to virtual machine execution mode from monitor 

mode. 

18. The machine accessible medium as recited in claim 17, wherein the 
system resource corresponds to a runtime service, and wherein the runtime service 
comprises at least one item selected from the group consisting of code and data. 

19. The machine accessible medium recited in claim 18, wherein executing 
the instructions further performs: 

executing the runtime service by the monitor; and 

storing results of the runtime service in a shared storage location accessible by the 
operating system. 

20. The machine accessible medium recited in claim 17, wherein the operating 
system is a virtual machine. 

21 . The machine accessible medium recited in claim 20, wherein more than 
one virtual machine is executing simultaneously on the processor. 

22. The machine accessible medium recited in claim 21, wherein the monitor 
is a virtual machine monitor having a runtime services monitor component. 



20 



